Allow the simple Swift auth to work

Incase we do *not* use keystone as an authentication mechanism, let the
built-in authentication work with this charm.

Without this change, the Swift authentication itself will work, but the
X-Storage-URL header will point to the port the storage daemon listens
on - which is not open in the firewall (70).

This change instead forces the URL to be "the unit's public IP" with the
default port (80), on which haproxy is listening, and will do the right
thing.

Change-Id: Ia2b12153eca3074392aad6dea6ee995990f15633
Signed-off-by: Christopher Glass <chris.glass@canonical.com>

hooks/ceph_radosgw_context.py

@@ -29,9 +29,10 @@ from charmhelpers.core.hookenv import (
     WARNING,
     config,
     log,
-    relation_ids,
     related_units,
     relation_get,
+    relation_ids,
+    unit_public_ip,
 )
 from charmhelpers.contrib.network.ip import (
     format_ipv6_addr,
@@ -175,7 +176,13 @@ class MonContext(context.CephContext):
             'use_syslog': str(config('use-syslog')).lower(),
             'loglevel': config('loglevel'),
             'port': port,
-            'ipv6': config('prefer-ipv6')
+            'ipv6': config('prefer-ipv6'),
+            # The public unit IP is only used in case the authentication is
+            # *Not* keystone - in which case it is used to make sure the
+            # storage endpoint returned by the built-in auth is the HAproxy
+            # (since it defaults to the port the service runs on, and that is
+            # not available externally). ~tribaal
+            'unit_public_ip': unit_public_ip(),
         }
 
         certs_path = '/var/lib/ceph/nss'

templates/ceph.conf

@@ -47,7 +47,9 @@ rgw s3 auth use keystone = true
 {% if cms -%}
 nss db path = /var/lib/ceph/nss
 {% endif %}
-{% endif %}
+{% else -%}
+rgw swift url = http://{{ unit_public_ip }}
+{% endif -%}
 {% if client_radosgw_gateway -%}
 # The following are user-provided options provided via the config-flags charm option.
 # User-provided [client.radosgw.gateway] section config

unit_tests/test_ceph_radosgw_context.py

@@ -28,6 +28,7 @@ TO_PATCH = [
     'related_units',
     'cmp_pkgrevno',
     'socket',
+    'unit_public_ip',
 ]
 
 
@@ -170,6 +171,7 @@ class MonContextTest(CharmTestCase):
     def setUp(self):
         super(MonContextTest, self).setUp(context, TO_PATCH)
         self.config.side_effect = self.test_config.get
+        self.unit_public_ip.return_value = '10.255.255.255'
 
     @patch.object(ceph, 'config', lambda *args:
                   '{"client.radosgw.gateway": {"rgw init timeout": 60}}')
@@ -193,6 +195,7 @@ class MonContextTest(CharmTestCase):
             'hostname': 'testhost',
             'mon_hosts': '10.5.4.1 10.5.4.2 10.5.4.3',
             'old_auth': False,
+            'unit_public_ip': '10.255.255.255',
             'use_syslog': 'false',
             'loglevel': 1,
             'port': 70,
@@ -231,6 +234,7 @@ class MonContextTest(CharmTestCase):
             'hostname': 'testhost',
             'mon_hosts': '10.5.4.1 10.5.4.2 10.5.4.3',
             'old_auth': False,
+            'unit_public_ip': '10.255.255.255',
             'use_syslog': 'false',
             'loglevel': 1,
             'port': 70,
@@ -278,6 +282,7 @@ class MonContextTest(CharmTestCase):
             'hostname': 'testhost',
             'mon_hosts': '10.5.4.1 10.5.4.2 10.5.4.3',
             'old_auth': False,
+            'unit_public_ip': '10.255.255.255',
             'use_syslog': 'false',
             'loglevel': 1,
             'port': 70,
@@ -307,6 +312,7 @@ class MonContextTest(CharmTestCase):
             'hostname': 'testhost',
             'mon_hosts': '10.5.4.1 10.5.4.2 10.5.4.3',
             'old_auth': False,
+            'unit_public_ip': '10.255.255.255',
             'use_syslog': 'false',
             'loglevel': 1,
             'port': 70,